https://bugzilla.redhat.com/show_bug.cgi?id=1149407 --- Comment #5 from František Dvořák <valtri@xxxxxxxxxx> --- (In reply to Mamoru TASAKA from comment #4) > * Creating user > - Is the shell of "rocci" user okay with /bin/bash? (/sbin/nologin > preferred?) > Nice catch! Fixed. > * Selinux related > - Well, I don't know selinux handling in detail, so if I am > wrong, please correct me. Now: > > * Status of log files > - What selinux status does files under > %{_localstatedir}/log/rocci-server/ > after the final "removal" of rOCCI-server? > Log files under %{_localstatedir}/log/rocci-server/ can remail > undeleted > after the removal of rOCCI-server rpm, and can't those files be > undefined > selinux state without again executing "restorecon" at %postun with "$1 > == 0"? > You're right. It is more interresting: passenger_log_t type is part of the main selinux policy already, so in this case it will remain on the files even after uninstalling both rOCCI-server and passenger. But it will be better to keep contexts consistent with currentley installed SELinux modules ==> calling restorecon to reset it to var_log_t. > * Documentation > - Can files under %{app_root}/examples/ moved to -doc subpackage? > OK, moved. > * Requires for rubygem(%{openssl_cms}) > - By the way, not strictly for this package, however are there any > reason why rubygem(%{openssl_cms}) has different naming between > ruby 2.0 and ruby 2.1? > Note that when gem contains C extension (under %gem_extdir_mri), > C library dependency is correctly added by rpmbuild process > (like libruby.so.2.1), and there should be no need to append > additional suffix to %gem_name, e.g. > > http://koji.fedoraproject.org/koji/buildinfo?buildID=596281 > http://koji.fedoraproject.org/koji/buildinfo?buildID=596282 > This is little more complicated. There are really used different gems (different code branches) for each ruby version in openssl_cms, so gems are named by upstream with the suffix. It's true it would be possible to do some patching and "lie" about the gem name (it is not on rubygem.org, so it would be even less complicated), but I've rather remained closer to the upstream way. > Other things looks okay. The new version: Spec URL: http://scientific.zcu.cz/fedora/rOCCI-server-1.0.5-3/rOCCI-server.spec SRPM URL: http://scientific.zcu.cz/fedora/rOCCI-server-1.0.5-3/rOCCI-server-1.0.5-3.fc22.src.rpm %changelog * Wed Dec 31 2014 František Dvořák <valtri@xxxxxxxxxx> - 1.0.5-3 - No shell for rocci user - SELinux cleanups: rules for Fedora 22, dependencies, context after uninstall - Update README.Fedora - Examples to doc subpackage -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review